General
-
Target
plan-515372324.xlsb
-
Size
155KB
-
Sample
210629-ya5cdesfp2
-
MD5
08e52afbefa423fb9f1ea0af88a4880e
-
SHA1
2d688dfee28f75553bc1d3633f891d2e70e0408b
-
SHA256
aaa32ff3e41c61fe828f0850e702f5ed7ffd6177c4bf80ed15324525537f44cd
-
SHA512
7a5400ec826ecaa0fa6a8beb9022bd9e918f11cf97e57d747477720889f7203af983620e2f7b543fb1ff5cc5a9eff13447d6353506c862dfe2ebd23b7a63dee8
Behavioral task
behavioral1
Sample
plan-515372324.xlsb
Resource
win7v20210408
Behavioral task
behavioral2
Sample
plan-515372324.xlsb
Resource
win10v20210410
Malware Config
Extracted
| Language | xlm4.0 |
| Source |
|
| URLs |
xlm40.dropper
https://khangland.pro/v8gEDeSB/sun.html
xlm40.dropper
https://jaipurbynite.com/stLdQs9R53/sun.htm |
Targets
-
-
Target
plan-515372324.xlsb
-
Size
155KB
-
MD5
08e52afbefa423fb9f1ea0af88a4880e
-
SHA1
2d688dfee28f75553bc1d3633f891d2e70e0408b
-
SHA256
aaa32ff3e41c61fe828f0850e702f5ed7ffd6177c4bf80ed15324525537f44cd
-
SHA512
7a5400ec826ecaa0fa6a8beb9022bd9e918f11cf97e57d747477720889f7203af983620e2f7b543fb1ff5cc5a9eff13447d6353506c862dfe2ebd23b7a63dee8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation